Policy Settings
The Enforce Trusted Access for Policies on AWS S3 Buckets policy pack has 7 policy settings:
| Policy | Setting | Note |
|---|---|---|
| AWS > S3 > Bucket > Policy > Trusted Access | Check: Trusted Access | |
| AWS > S3 > Bucket > Policy > Trusted Access > Accounts | - "123456789012" - "123456789013" | |
| AWS > S3 > Bucket > Policy > Trusted Access > CloudFront Origin Access Identities | - "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EH1HDMB1FH2TC" - "EH1HDMB1FH2TC" | |
| AWS > S3 > Bucket > Policy > Trusted Access > Identity Providers | - "www.acme.com" - "www.example.com" | |
| AWS > S3 > Bucket > Policy > Trusted Access > Organization Path Restrictions | - "o-c3a5x8sd31/r-wxnb/ou-wxnb-dasdtpaq/ou-*" - "o-c3a5x8sd11/r-wxnb/ou-wxnb-dfadtpaq/*" | |
| AWS > S3 > Bucket > Policy > Trusted Access > Organization Restrictions | - "o-c3a5x8sd31" - "o-c3a5x8sd11" | |
| AWS > S3 > Bucket > Policy > Trusted Access > Services | - "sns.amazonaws.com" - "ec2.amazonaws.com" |